Cado Security, a startup provider of cloud forensics and incident response solutions that enables security teams to respond to threats at "cloud speed," has rolled out Masked-AI, a new open-source tool kit to help safely mask sensitive data for use of public APIs.
The emerging cloud forensics and investigation market is focused on helping infrastructure teams to take control and automate their post-incident processes. Accordingly, MaskedAI’s open-source library enables the use of Large Language Models (LLM) APIs, such as OpenAI/GPT-4 more securely without sending out sensitive information.
Available as a download from the GitHub repository, Masked-AI allows developers to use APIs such as OpenAI without worrying about security concerns.
Masked-AI currently masks:
- Individuals’ names
- Credit card numbers
- Email addresses
- Phone numbers
- Web links
- IP addresses
Masked-AI replaces sensitive data with a placeholder and sends the masked request to the API, according to Cado Security. The solution stores a lookup table locally to then later reconstruct the API output to include the sensitive data for the user to consume.
The impetus behind the solution is concern over the exposure of highly sensitive data shared with a third-party API, Cado said. And even with data usage policy changes, there have still been security issues, including the exploitation of users’ AI conversations.
Cado adds that Masked-AI conceals sensitive data shared via API to ensure confidentiality and greater security while continuing to take advantage of AI’s benefits.
Commenting on the product launch, Chris Doman, chief technology officer and Cado co-founder, said:
“Masked-AI is an open-source tool that anyone can use to ensure better security and privacy when leveraging OpenAI/ChatGPT, which is especially important in the context of incident response. As active participants in the security community, this is an impactful milestone for empowering security professionals to respond to threats at cloud speed. This simple, yet powerful tool demonstrates that we can use LLMs securely without compromising on the quality of the responses generated.”
Cado Gains Funding Boost
The London-based company recently raised $20 million (approximately €18.93M) in a fresh round of funding. In total, Cado has raised a total funding of $31.5 million (approximately €29.82M) to date. Cado intends to use the funds for global expansion, product development, go-to-market strategies and grow sales and marketing.
Previously, the company introduced an Interactive Incident Response feature within the Cado Platform utilizing GPT-3 to further streamline forensic investigations and expedite response. Cado noted several potential issues with using GPT-3 in production environments for the incident response use case, including privacy-related concerns.